libertador.mx Open in urlscan Pro
170.10.164.71 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ad.atdmt.com/s/go;adv=14130;c.a=11415;p.a=3032014;a.a=320114;qpb=1;cache=30114;?h=msonline-auth01.web.app/dsi...
Effective URL:
https://libertador.mx/wp-home.php
Submission: On January 12 via manual (January 12th 2022, 3:36:59 pm UTC) from US — Scanned from DE

Summary HTTP 85 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 17 domains to perform 85 HTTP transactions. The main IP is 170.10.164.71, located in United States and belongs to STEADFAST, US. The main domain is libertador.mx.
TLS certificate: Issued by cPanel, Inc. Certification Authority on November 3rd 2021. Valid for: 3 months.

This is the only time libertador.mx was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a03:2880:f02... 2a03:2880:f02d:5:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK)
1	2620:0:890::100 2620:0:890::100	54113 (FASTLY) (FASTLY)
15	152.199.23.37 152.199.23.37	15133 (EDGECAST) (EDGECAST)
3	40.126.31.143 40.126.31.143	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2a00:f940:2:2... 2a00:f940:2:2:1:1:0:57	197695 (AS-REG) (AS-REG)
2 5	170.10.164.71 170.10.164.71	32748 (STEADFAST) (STEADFAST)
6	2a03:b0c0:3:d... 2a03:b0c0:3:d0::d23:e001	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
5	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba2a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1 7	151.101.65.181 151.101.65.181	54113 (FASTLY) (FASTLY)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2ae::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	162.247.141.190 162.247.141.190	() ()
1	104.111.229.66 104.111.229.66	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.89.22.29 104.89.22.29	16625 (AKAMAI-AS) (AKAMAI-AS)
10	151.101.129.181 151.101.129.181	54113 (FASTLY) (FASTLY)
1 3	142.0.160.53 142.0.160.53	() ()
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	3.89.170.15 3.89.170.15	() ()
2	18.66.112.98 18.66.112.98	() ()
85	21

1 2a03:2880:f02d:5:face:b00c:0:8c (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

ad.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:0:890::100 (United States)

ASN54113 (FASTLY, US)

msonline-auth01.web.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 152.199.23.37 (United States)

ASN15133 (EDGECAST, US)

aadcdn.msftauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 40.126.31.143 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:f940:2:2:1:1:0:57 (Russian Federation) 1 redirects

ASN197695 (AS-REG, RU)

danslemonde.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 170.10.164.71 (United States) 2 redirects

ASN32748 (STEADFAST, US)
PTR: audiomedia.mx

libertador.mx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:b0c0:3:d0::d23:e001 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

www.spfi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:6c00::210:ba2a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.65.181 (United States) 1 redirects

ASN54113 (FASTLY, US)

play.vidyard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2ae::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.141.190 (None, )

ASN- ()

bdcms.advisorgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.229.66 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-229-66.deploy.static.akamaitechnologies.com

img.en25.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.89.22.29 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-22-29.deploy.static.akamaitechnologies.com

img04.en25.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.129.181 (United States)

ASN54113 (FASTLY, US)

assets.vidyard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.0.160.53 (None, ) 1 redirects

ASN- ()

s204200226.t.eloqua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.89.170.15 (None, )

ASN- ()

raw.vidyard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.112.98 (None, )

ASN- ()

cdn.vidyard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	vidyard.com 1 redirects play.vidyard.com — Cisco Umbrella Rank: 10584 assets.vidyard.com — Cisco Umbrella Rank: 21803 Failed raw.vidyard.com cdn.vidyard.com	446 KB
15	msftauth.net aadcdn.msftauth.net — Cisco Umbrella Rank: 1252	289 KB
6	typekit.net use.typekit.net — Cisco Umbrella Rank: 455 p.typekit.net — Cisco Umbrella Rank: 565	141 KB
6	spfi.com www.spfi.com	308 KB
5	libertador.mx 2 redirects libertador.mx	74 KB
3	eloqua.com 1 redirects s204200226.t.eloqua.com	2 KB
3	live.com login.live.com — Cisco Umbrella Rank: 54	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 88	425 B
2	en25.com img.en25.com — Cisco Umbrella Rank: 5868 img04.en25.com — Cisco Umbrella Rank: 13493	9 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	113 KB
1	advisorgroup.com bdcms.advisorgroup.com
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 33	20 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	868 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	40 KB
1	danslemonde.ru 1 redirects danslemonde.ru	150 B
1	web.app msonline-auth01.web.app	9 KB
1	atdmt.com 1 redirects ad.atdmt.com — Cisco Umbrella Rank: 2070	953 B
85	17

	Domain	Requested by
15	aadcdn.msftauth.net	msonline-auth01.web.app libertador.mx
10	assets.vidyard.com	play.vidyard.com assets.vidyard.com
7	play.vidyard.com	1 redirects www.spfi.com play.vidyard.com assets.vidyard.com
6	www.spfi.com	libertador.mx www.spfi.com
5	use.typekit.net	www.spfi.com use.typekit.net
5	libertador.mx	2 redirects msonline-auth01.web.app libertador.mx
4	raw.vidyard.com	assets.vidyard.com
3	s204200226.t.eloqua.com	1 redirects www.spfi.com
3	login.live.com	msonline-auth01.web.app libertador.mx
2	cdn.vidyard.com	www.spfi.com assets.vidyard.com
2	www.facebook.com	www.spfi.com
2	connect.facebook.net	msonline-auth01.web.app connect.facebook.net
1	img04.en25.com	www.spfi.com
1	img.en25.com	play.vidyard.com
1	bdcms.advisorgroup.com	www.spfi.com
1	www.google-analytics.com	www.googletagmanager.com
1	p.typekit.net	use.typekit.net
1	fonts.googleapis.com	www.spfi.com
1	www.googletagmanager.com	www.spfi.com
1	danslemonde.ru	1 redirects
1	msonline-auth01.web.app
1	ad.atdmt.com	1 redirects
85	22

This site contains links to these domains. Also see Links.

Domain
passwordreset.spfi.com
www.spfi.com
privacy.spfi.com

Subject Issuer	Validity	Valid
web.app GTS CA 1D4	`2021-12-02` - `2022-03-02`	3 months	crt.sh
aadcdn.msftauth.net DigiCert SHA2 Secure Server CA	`2021-05-13` - `2022-05-13`	a year	crt.sh
graph.windows.net DigiCert SHA2 Secure Server CA	`2021-11-25` - `2022-11-25`	a year	crt.sh
libertador.mx cPanel, Inc. Certification Authority	`2021-11-03` - `2022-02-01`	3 months	crt.sh
joinsagepoint.com R3	`2021-12-28` - `2022-03-28`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-08-16` - `2022-08-16`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.vidyard.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-12-24` - `2023-01-25`	a year	crt.sh
*.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2021-12-05` - `2022-12-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-10-21` - `2022-01-19`	3 months	crt.sh
bdcms.advisorgroup.com Trusted Secure Certificate Authority 5	`2020-07-27` - `2022-07-27`	2 years	crt.sh
*.en25.com DigiCert SHA2 Secure Server CA	`2021-09-14` - `2022-09-14`	a year	crt.sh
*.t.eloqua.com DigiCert SHA2 Secure Server CA	`2020-03-09` - `2022-04-08`	2 years	crt.sh

This page contains 7 frames:

Primary Page: https://libertador.mx/wp-home.php
Frame ID: A1ADA39959F168DF137E3A9D875784AE
Requests: 21 HTTP requests in this frame

Frame: https://login.live.com/Me.htm?v=3
Frame ID: 2439CADB56ABCF7398662B299F2EC1E5
Requests: 1 HTTP requests in this frame

Frame: https://www.spfi.com/
Frame ID: 9C8BCA27B57B41E4AD0DA0C17D4A0DEB
Requests: 38 HTTP requests in this frame

Frame: https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Flibertador.mx%252F&
Frame ID: 0EFA189CB91C6AFE20C77E6836435D7E
Requests: 3 HTTP requests in this frame

Frame: https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Flibertador.mx%252F&
Frame ID: 1CF5B7B64FFEB999E02A69C760DE8D8E
Requests: 1 HTTP requests in this frame

Frame: https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Flibertador.mx%252F&
Frame ID: 26EFA7F5AA20EB6DD656A98890FE89CB
Requests: 17 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: A2E7DC8FEB996654205341C9CBF228EC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in to your account

Page URL History Show full URLs

https://ad.atdmt.com/s/go;adv=14130;c.a=11415;p.a=3032014;a.a=320114;qpb=1;cache=30114;?h=msonlin... HTTP 302
https://msonline-auth01.web.app/dsiiq0Hspfia7XB8xr7Pm Page URL
https://danslemonde.ru/rss.php?url=https://msonline-auth01.web.app/dsiiq0Hspfia7XB8xr7Pm HTTP 302
https://libertador.mx/auth01.php?client-request-id=ZHNpaUBzcGZpLmNvbQ== HTTP 302
https://libertador.mx/wp-home.php Page URL

Detected technologies

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

85
Requests

76 %
HTTPS

50 %
IPv6

17
Domains

22
Subdomains

21
IPs

4
Countries

1453 kB
Transfer

4870 kB
Size

6
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://passwordreset.spfi.com/?ru=https%3a%2f%2flogin.spfi.comonline.com%2fcommon%2freprocess%3fctx%3drQIIAYWSv4vTcADFL-1dPY8Tzx-DLnKDiChp02_SpDl0yF166a98c23SJulS0uSbNmnSpGnapP0LxMnJwdFFPATBSZycHG5yFMHNSRBEEHTzTmdxebzHe9v7bG3S-SLIF_PEnSzIE3s3KYYuUVRpgJPApHGKHRB4mUQ0XrRY8rQCDG0a0eWtHaq6-fXljU_Ss9eff-y01P1jbHcUx-Fsr1BIkiQf2LZjorwZ-AXPmFjOZLgArzHsPYY9yWygCS7sH2dmNMkwJAAliiwTDEvTpWJeUvRU9ztFyJuxqPQcKBOEqJigqXie6OuxrnZKcNXzoNob6ash1VNrJegOV9BvxaIrUmd76I7Tplr3ocvFPaHuQsUaQ78DdKW1-pi5KHHzeATOJIicFfqeOW8Hkd8Pg1n8JPs4c1iWhRKhd5whstvVpDpezniLIpYTq12PqvWIKkrNJXJSN6yFdaJBBSnPjec1R66wugX1AV_Zb_Gy7A_EZpqQLSJkDQg4wzA4ekmO-1L3QMSbqE-X7Vjcnx6VbXnO6D53gJhZb1Ki8Kk-lQ8r847L0I62MAyxpQk4VMfpKB7hDGshW2XkFLXiMOQVEjCeN1i27cZS6S2a8dwRovaBWhZDrSXhAjPQZCGelvVJJ5hqyXCGmkdkfW6wKy6VTbzBm0lVdVduOGjXu00IEMdVuKQBJAPZ1livVUWUBjVmeJQcZ6__494FeJXNnRo_mJxkmSBEE8faDaPAdjz0LyQWoCD9SdXAR3nO896vY1_WtzdzO9vXsN2121eJjZ_r2NONU84-3H147_6vF9Xnq3eNtzu31k42ClSZZfheJeh2hnItEjSO9WtS1OW7wlyFsSaPZodQG9jaoUHcp_aKj3LYo1zuJHepxvdhRZEVDvJcmwd94lsOe3Bu7c35_5L7cfvK1tbc6XuBaXhodvkvwW8vrP0G0&mkt=en-GB&hosted=0&device_platform=macOS
Title: Forgotten my password

Search URL Search Domain Scan URL

URL: https://www.spfi.com/en-GB/servicesagreement/
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://privacy.spfi.com/en-GB/privacystatement
Title: Privacy & cookies

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ad.atdmt.com/s/go;adv=14130;c.a=11415;p.a=3032014;a.a=320114;qpb=1;cache=30114;?h=msonline-auth01.web.app/dsiiq0Hspfia7XB8xr7Pm HTTP 302
https://msonline-auth01.web.app/dsiiq0Hspfia7XB8xr7Pm Page URL
https://danslemonde.ru/rss.php?url=https://msonline-auth01.web.app/dsiiq0Hspfia7XB8xr7Pm HTTP 302
https://libertador.mx/auth01.php?client-request-id=ZHNpaUBzcGZpLmNvbQ== HTTP 302
https://libertador.mx/wp-home.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://ad.atdmt.com/s/go;adv=14130;c.a=11415;p.a=3032014;a.a=320114;qpb=1;cache=30114;?h=msonline-auth01.web.app/dsiiq0Hspfia7XB8xr7Pm HTTP 302
https://msonline-auth01.web.app/dsiiq0Hspfia7XB8xr7Pm

Request Chain 21

https://libertador.mx/); HTTP 301
https://libertador.mx/

Request Chain 63

https://s204200226.t.eloqua.com/visitor/v200/svrGP?pps=70&siteid=204200226&ms=86 HTTP 302
https://s204200226.t.eloqua.com/visitor/v200/svrGP.aspx?pps=70&siteid=204200226&ms=86&elqCookie=1

Request Chain 77

https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo.jpg HTTP 302
https://cdn.vidyard.com/thumbnails/gj6BqczG4SWl5rpRWcQ8Ig/47b75e2b565f2c8469cd73.jpg

85 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

dsiiq0Hspfia7XB8xr7Pm Show response
msonline-auth01.web.app/
Redirect Chain

https://ad.atdmt.com/s/go;adv=14130;c.a=11415;p.a=3032014;a.a=320114;qpb=1;cache=30114;?h=msonline-auth01.web.app/dsiiq0Hspfia7XB8xr7Pm
https://msonline-auth01.web.app/dsiiq0Hspfia7XB8xr7Pm

29 KB
9 KB

246ms
209ms

Document
text/html

2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://msonline-auth01.web.app/dsiiq0Hspfia7XB8xr7Pm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8b99424afcd1d912bcd45bc165a6f22d1bffa7ea7feb6ca24b09efc1e13c0484

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

cache-control: max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
etag: "8fa0e411e73d4ba1d107a9b7dcfe9a6e32c9b380298053a7c60914032b9bed76"
last-modified: Sat, 08 Jan 2022 11:52:24 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Wed, 12 Jan 2022 15:36:54 GMT
x-served-by: cache-mxp6931-MXP
x-cache: MISS
x-cache-hits: 0
x-timer: S1642001815.540243,VS0,VE192
vary: x-fh-requested-host, accept-encoding
content-length: 9355

Redirect headers

location: https://msonline-auth01.web.app/dsiiq0Hspfia7XB8xr7Pm
x-fb-rlafr: 0
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
x-frame-options: DENY
content-type: text/html; charset="utf-8"
x-fb-debug: JH/hQHvHTME1+pKww/ZpdzV4S00G1djrWKZ6YVj3/+fpfHFy4mzZArtDjwxuv5D9JQ5SjiJBU22efCCaXFwA/Q==
content-length: 0
date: Wed, 12 Jan 2022 15:36:54 GMT

GET
H2 200 converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 108 KB
20 KB 40ms
16ms Stylesheet
text/css 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css
Requested by: Host: msonline-auth01.web.app
URL: https://msonline-auth01.web.app/dsiiq0Hspfia7XB8xr7Pm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FCC) /
Resource Hash: 8b6a3b17737161e5fe8c29e401372a94b8e650226cf0cd17b4c3c4de5b380b11

Request headers

Referer: https://msonline-auth01.web.app/
Origin: https://msonline-auth01.web.app
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 12 Jan 2022 15:36:54 GMT
content-encoding: gzip
content-md5: 0O2H9juGYL0zkzcYWr0NIg==
age: 8723988
x-cache: HIT
content-length: 19877
x-ms-lease-status: unlocked
last-modified: Tue, 28 Sep 2021 21:42:58 GMT
server: ECAcc (frc/8FCC)
etag: 0x8D982C8F03AF4D4
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 4cd84846-501e-0061-5f72-b8a27b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 ConvergedLogin_PCore_a6PeIgafSneuouox-qU5OA2.js Show response
aadcdn.msftauth.net/shared/1.0/content/js/ 459 KB
126 KB 40ms
16ms Script
application/x-javascript 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_a6PeIgafSneuouox-qU5OA2.js
Requested by: Host: msonline-auth01.web.app
URL: https://msonline-auth01.web.app/dsiiq0Hspfia7XB8xr7Pm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FBF) /
Resource Hash: ce768e83be373f5303ce3117cba6e60874a328c5fb740fb4dbc14989105e0a0d

Request headers

Referer: https://msonline-auth01.web.app/
Origin: https://msonline-auth01.web.app
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 12 Jan 2022 15:36:54 GMT
content-encoding: gzip
content-md5: e+GEpArZIh9idGnWSOj0zg==
age: 5699440
x-cache: HIT
content-length: 128665
x-ms-lease-status: unlocked
last-modified: Thu, 04 Nov 2021 21:02:14 GMT
server: ECAcc (frc/8FBF)
etag: 0x8D99FD6608B3F3E
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 9719d12f-b01e-0053-38f4-d36e6f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 ux.converged.login.strings-en-gb.min_-hjcgqxfzfu0cwzblacdqq2.js Show response
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 42 KB
12 KB 96ms
73ms Script
application/x-javascript 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en-gb.min_-hjcgqxfzfu0cwzblacdqq2.js
Requested by: Host: msonline-auth01.web.app
URL: https://msonline-auth01.web.app/dsiiq0Hspfia7XB8xr7Pm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F6C) /
Resource Hash: a423ac7e2310bc44a1defeb1f6df180cab8a59442e7f41d093f21649fcc86e69

Request headers

Referer: https://msonline-auth01.web.app/
Origin: https://msonline-auth01.web.app
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 12 Jan 2022 15:36:54 GMT
content-encoding: gzip
content-md5: GYbSFdLE8Xb9pCzSg7cJ6A==
age: 6910997
x-cache: HIT
content-length: 12608
x-ms-lease-status: unlocked
last-modified: Tue, 19 Oct 2021 04:06:56 GMT
server: ECAcc (frc/8F6C)
etag: 0x8D992B5E417004E
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 6044ad75-801e-004b-7fef-c8f668000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 oneDs_472fa3a12b65cf387ccd.js Show response
aadcdn.msftauth.net/shared/1.0/content/js/ 78 KB
26 KB 34ms
11ms Script
application/x-javascript 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/oneDs_472fa3a12b65cf387ccd.js
Requested by: Host: msonline-auth01.web.app
URL: https://msonline-auth01.web.app/dsiiq0Hspfia7XB8xr7Pm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F1F) /
Resource Hash: 235b558b77ab36f63c1439a68ac2410aaf8f42f7b9c93c0bfdc9af662abab8b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://msonline-auth01.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 12 Jan 2022 15:36:54 GMT
content-encoding: gzip
content-md5: xAmVJ4UrtXATagLD0tDXoQ==
age: 6910752
x-cache: HIT
content-length: 26117
x-ms-lease-status: unlocked
last-modified: Thu, 21 Oct 2021 01:02:25 GMT
server: ECAcc (frc/8F1F)
etag: 0x8D9942E72241B02
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 5b0f795e-f01e-0076-44ef-c8059f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 convergedlogin_pfetchsessionsprogress_12dabd9245715d165757.js Show response
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 15 KB
5 KB 39ms
15ms Script
application/x-javascript 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_12dabd9245715d165757.js
Requested by: Host: msonline-auth01.web.app
URL: https://msonline-auth01.web.app/dsiiq0Hspfia7XB8xr7Pm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FDD) /
Resource Hash: 2b3df4d53882fba74216d365e7344c782145f2faf8e08a2d69c548f5fbc7fbf5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://msonline-auth01.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 12 Jan 2022 15:36:54 GMT
content-encoding: gzip
content-md5: +lZRrDLGp8Gp/hURw2aXyQ==
age: 3000547
x-cache: HIT
content-length: 5386
x-ms-lease-status: unlocked
last-modified: Thu, 04 Nov 2021 21:02:05 GMT
server: ECAcc (frc/8FDD)
etag: 0x8D99FD65BAB30A3
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: c9af81e9-f01e-0057-3980-ec85c3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
aadcdn.msftauth.net/shared/1.0/content/images/ 4 KB
2 KB 7ms
7ms Image
image/svg+xml 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
Requested by: Host: msonline-auth01.web.app
URL: https://msonline-auth01.web.app/dsiiq0Hspfia7XB8xr7Pm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8E9E) /
Resource Hash: 04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://msonline-auth01.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 12 Jan 2022 15:36:54 GMT
content-encoding: gzip
content-md5: nzaLxFgP7ZB3dfMcaybWzw==
age: 22155265
x-cache: HIT
content-length: 1435
x-ms-lease-status: unlocked
last-modified: Thu, 16 Jan 2020 00:32:52 GMT
server: ECAcc (frc/8E9E)
etag: 0x8D79A1B9F5E121A
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 0c55977d-f01e-0098-2849-3ebec7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H/1.1 200
OK Me.htm
login.live.com/ 0
0 203ms
111ms Other
text/html 40.126.31.143
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://login.live.com/Me.htm?v=3
Requested by: Host: msonline-auth01.web.app
URL: https://msonline-auth01.web.app/dsiiq0Hspfia7XB8xr7Pm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.126.31.143 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://msonline-auth01.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 0
20 KB 8ms
7ms Other
text/css 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css
Requested by: Host: msonline-auth01.web.app
URL: https://msonline-auth01.web.app/dsiiq0Hspfia7XB8xr7Pm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FCC) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://msonline-auth01.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 12 Jan 2022 15:36:54 GMT
content-encoding: gzip
content-md5: 0O2H9juGYL0zkzcYWr0NIg==
age: 8723988
x-cache: HIT
content-length: 19877
x-ms-lease-status: unlocked
last-modified: Tue, 28 Sep 2021 21:42:58 GMT
server: ECAcc (frc/8FCC)
etag: 0x8D982C8F03AF4D4
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 4cd84846-501e-0061-5f72-b8a27b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 ux.converged.login.strings-en-gb.min_-hjcgqxfzfu0cwzblacdqq2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 0
12 KB 8ms
8ms Other
application/x-javascript 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en-gb.min_-hjcgqxfzfu0cwzblacdqq2.js
Requested by: Host: msonline-auth01.web.app
URL: https://msonline-auth01.web.app/dsiiq0Hspfia7XB8xr7Pm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F6C) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://msonline-auth01.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 12 Jan 2022 15:36:54 GMT
content-encoding: gzip
content-md5: GYbSFdLE8Xb9pCzSg7cJ6A==
age: 6910997
x-cache: HIT
content-length: 12608
x-ms-lease-status: unlocked
last-modified: Tue, 19 Oct 2021 04:06:56 GMT
server: ECAcc (frc/8F6C)
etag: 0x8D992B5E417004E
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 6044ad75-801e-004b-7fef-c8f668000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H/1.1 200
OK Me.htm Show response
login.live.com/ Frame 2439 2 KB
2 KB 188ms
107ms Document
text/html 40.126.31.143
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.live.com/Me.htm?v=3

Requested by

Host: msonline-auth01.web.app
URL: https://msonline-auth01.web.app/dsiiq0Hspfia7XB8xr7Pm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.126.31.143 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3410242720de50b090d07a23aee2dad879b31d36f2615732962ec4cfa8a9d458

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://msonline-auth01.web.app/

Response headers

Cache-Control: max-age=315360000
Content-Type: text/html; charset=utf-8
Content-Encoding: deflate
Expires: Sat, 10 Jan 2032 15:36:55 GMT
Vary: Accept-Encoding
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Referrer-Policy: strict-origin-when-cross-origin
x-ms-route-info: R3_BL2
x-ms-request-id: b67f0454-08d4-4f22-a90d-cb8a458a9132
PPServer: PPV: 30 H: BL02PF034260CED V: 0
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
Date: Wed, 12 Jan 2022 15:36:54 GMT
Content-Length: 1114

GET
H2 200 2_bc3d32a696895f78c19df6c717586a5d.svg
aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/ 2 KB
825 B 7ms
7ms Image
image/svg+xml 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg
Requested by: Host: msonline-auth01.web.app
URL: https://msonline-auth01.web.app/dsiiq0Hspfia7XB8xr7Pm
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FE5) /
Resource Hash: 0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://msonline-auth01.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 12 Jan 2022 15:36:54 GMT
content-encoding: gzip
content-md5: DhdidjYrlCeaRJJRG/y9mA==
age: 15941451
x-cache: HIT
content-length: 673
x-ms-lease-status: unlocked
last-modified: Wed, 12 Feb 2020 22:01:50 GMT
server: ECAcc (frc/8FE5)
etag: 0x8D7B007297AE131
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 1528e04b-101e-0063-5ccd-76af16000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2

200

Primary Request wp-home.php Show response
libertador.mx/
Redirect Chain

https://danslemonde.ru/rss.php?url=https://msonline-auth01.web.app/dsiiq0Hspfia7XB8xr7Pm
https://libertador.mx/auth01.php?client-request-id=ZHNpaUBzcGZpLmNvbQ==
https://libertador.mx/wp-home.php

31 KB
8 KB

224ms
223ms

Document
text/html

170.10.164.71
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://libertador.mx/wp-home.php
Requested by: Host: msonline-auth01.web.app
URL: https://msonline-auth01.web.app/dsiiq0Hspfia7XB8xr7Pm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 170.10.164.71 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: audiomedia.mx
Software: LiteSpeed / PHP/7.4.27
Resource Hash: 57f463de37e6db48663e4d05f75108fcfc4457adf50d023319e004b2268e4e96

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://msonline-auth01.web.app/dsiiq0Hspfia7XB8xr7Pm#reporting.web.app/myweb32.web.app/user.app/settings/notification-4e0rr70db9ec/oauth2/_3TUE34aDfFZ4KFYPT2LS/redirecting_to_organisation

Response headers

x-powered-by: PHP/7.4.27
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Wed, 12 Jan 2022 15:36:56 GMT
server: LiteSpeed

Redirect headers

x-powered-by: PHP/7.4.27
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
location: wp-home.php
content-type: text/html; charset=UTF-8
content-length: 0
date: Wed, 12 Jan 2022 15:36:56 GMT
server: LiteSpeed
alt-svc: h3-34=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-27=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

GET
H2 200 converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 108 KB
20 KB 8ms
7ms Stylesheet
text/css 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css
Requested by: Host: libertador.mx
URL: https://libertador.mx/wp-home.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FCC) /
Resource Hash: 8b6a3b17737161e5fe8c29e401372a94b8e650226cf0cd17b4c3c4de5b380b11

Request headers

Referer: https://libertador.mx/
Origin: https://libertador.mx
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 12 Jan 2022 15:36:56 GMT
content-encoding: gzip
content-md5: 0O2H9juGYL0zkzcYWr0NIg==
age: 8723990
x-cache: HIT
content-length: 19877
x-ms-lease-status: unlocked
last-modified: Tue, 28 Sep 2021 21:42:58 GMT
server: ECAcc (frc/8FCC)
etag: 0x8D982C8F03AF4D4
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 4cd84846-501e-0061-5f72-b8a27b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 convergedlogin_pfetchsessionsprogress_3cdbaab1cf6d9b038234.js Show response
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 15 KB
5 KB 12ms
11ms Script
application/x-javascript 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_3cdbaab1cf6d9b038234.js
Requested by: Host: libertador.mx
URL: https://libertador.mx/wp-home.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FC1) /
Resource Hash: 0140da8c4170309baa728814f96185de2c71bb6a9101d51cb040ece949aa3128

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://libertador.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 12 Jan 2022 15:36:56 GMT
content-encoding: gzip
content-md5: iY5CLUIh9JBLJeGkywpVeQ==
age: 6590708
x-cache: HIT
content-length: 5420
x-ms-lease-status: unlocked
last-modified: Mon, 25 Oct 2021 18:32:55 GMT
server: ECAcc (frc/8FC1)
etag: 0x8D997E5DC79B53A
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: fc77aabe-d01e-0043-3cd9-cbd147000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 convergedlogin_pidpdisambiguation_76e0875415977704da38.js Show response
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 7 KB
2 KB 12ms
11ms Script
application/x-javascript 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pidpdisambiguation_76e0875415977704da38.js
Requested by: Host: libertador.mx
URL: https://libertador.mx/wp-home.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F96) /
Resource Hash: e9b270d2a6af5d01dd798963a97d66ce020da7501b55c0239c0b5d7c1d5d2375

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://libertador.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 12 Jan 2022 15:36:56 GMT
content-encoding: gzip
content-md5: 1A1WnDfolxSryQ87DZzNXQ==
age: 6591853
x-cache: HIT
content-length: 2359
x-ms-lease-status: unlocked
last-modified: Mon, 25 Oct 2021 18:32:55 GMT
server: ECAcc (frc/8F96)
etag: 0x8D997E5DC900061
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: ec7e0d1c-c01e-000a-3fd6-cbf4c7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 convergedlogin_ppassword_6f5648a25cfbe86f348c.js Show response
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 20 KB
6 KB 12ms
12ms Script
application/x-javascript 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_ppassword_6f5648a25cfbe86f348c.js
Requested by: Host: libertador.mx
URL: https://libertador.mx/wp-home.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F8B) /
Resource Hash: 7cb7621f3eb49c78b89d119106cf42981a3075da154dc96af6ca24f8f68c6f53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://libertador.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 12 Jan 2022 15:36:56 GMT
content-encoding: gzip
content-md5: JELxaubb1KDAtUnzSblILg==
age: 6613964
x-cache: HIT
content-length: 5736
x-ms-lease-status: unlocked
last-modified: Mon, 25 Oct 2021 18:32:56 GMT
server: ECAcc (frc/8F8B)
etag: 0x8D997E5DD3425FC
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 82e0f209-401e-006b-7aa2-cb8839000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H3-29 200 logo.svg
libertador.mx/ 4 KB
1 KB 109ms
108ms Image
image/svg+xml 170.10.164.71
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://libertador.mx/logo.svg
Requested by: Host: libertador.mx
URL: https://libertador.mx/wp-home.php
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 170.10.164.71 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: audiomedia.mx
Software: LiteSpeed /
Resource Hash: 04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://libertador.mx/wp-home.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 15:36:56 GMT
content-encoding: br
last-modified: Wed, 12 Jan 2022 05:02:23 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1369
expires: Wed, 19 Jan 2022 15:36:56 GMT

GET
H/1.1 200
OK Me.htm
login.live.com/ 0
0 109ms
107ms Other
text/html 40.126.31.143
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://login.live.com/Me.htm?v=3
Requested by: Host: libertador.mx
URL: https://libertador.mx/wp-home.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.126.31.143 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://libertador.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 0
19 KB 10ms
8ms Other
text/css 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css
Requested by: Host: libertador.mx
URL: https://libertador.mx/wp-home.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FCC) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://libertador.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 12 Jan 2022 15:36:56 GMT
content-encoding: gzip
content-md5: 0O2H9juGYL0zkzcYWr0NIg==
age: 8723990
x-cache: HIT
content-length: 19877
x-ms-lease-status: unlocked
last-modified: Tue, 28 Sep 2021 21:42:58 GMT
server: ECAcc (frc/8FCC)
etag: 0x8D982C8F03AF4D4
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 4cd84846-501e-0061-5f72-b8a27b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 ux.converged.login.strings-en-gb.min_-hjcgqxfzfu0cwzblacdqq2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 0
12 KB 10ms
8ms Other
application/x-javascript 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en-gb.min_-hjcgqxfzfu0cwzblacdqq2.js
Requested by: Host: libertador.mx
URL: https://libertador.mx/wp-home.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F6C) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://libertador.mx/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 12 Jan 2022 15:36:56 GMT
content-encoding: gzip
content-md5: GYbSFdLE8Xb9pCzSg7cJ6A==
age: 6910999
x-cache: HIT
content-length: 12608
x-ms-lease-status: unlocked
last-modified: Tue, 19 Oct 2021 04:06:56 GMT
server: ECAcc (frc/8F6C)
etag: 0x8D992B5E417004E
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 6044ad75-801e-004b-7fef-c8f668000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 / Show response
www.spfi.com/ Frame 9C8B 217 KB
29 KB 707ms
158ms Document
text/html 2a03:b0c0:3:d0::d23:e001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.spfi.com/

Requested by

Host: libertador.mx
URL: https://libertador.mx/wp-home.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:d0::d23:e001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

cfc1eb795799c74cc607534b7e0f338d267c62cdb6d9cdec33b7905ae4664f96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://libertador.mx/

Response headers

cache-control: public, max-age=0, must-revalidate
content-type: text/html; charset=UTF-8
date: Wed, 12 Jan 2022 15:36:56 GMT
etag: "138fb4ccf43f43fd9f133ea5ca1b7a48-ssl-df"
strict-transport-security: max-age=31536000
x-nf-request-id: 01FS7EYQA8KR4MSXHHKGKQRN7D
vary: Accept-Encoding
age: 2
server: Netlify
content-encoding: br

GET
H3-29

200

/
libertador.mx/
Redirect Chain

https://libertador.mx/);
https://libertador.mx/

64 KB
64 KB

109ms
109ms

Image
text/html

170.10.164.71
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://libertador.mx/
Requested by: Host: libertador.mx
URL: https://libertador.mx/wp-home.php
Protocol: H3-29
Server: 170.10.164.71 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: audiomedia.mx
Software: LiteSpeed / PHP/7.4.27
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://libertador.mx/wp-home.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 15:36:56 GMT
content-encoding: br
etag: "559220-1641970778;br"
server: LiteSpeed
x-powered-by: PHP/7.4.27
x-litespeed-cache: hit
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
link: <https://libertador.mx/wp-json/>; rel="https://api.w.org/"
content-length: 14136

Redirect headers

date: Wed, 12 Jan 2022 15:36:56 GMT
server: LiteSpeed
x-powered-by: PHP/7.4.27
x-litespeed-cache: hit
content-type: text/html; charset=UTF-8
location: https://libertador.mx/
cache-control: no-cache, must-revalidate, max-age=0
content-length: 0
x-redirect-by: WordPress
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 9C8B 105 KB
40 KB 53ms
30ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N82WNQZ&l=dataLayer

Requested by

Host: www.spfi.com
URL: https://www.spfi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a50d5646d625a6aa2eeeab1e4fe9a12ed09cc7908f9cd1b8763f109341cfcf9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.spfi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 15:36:57 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40957
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 12 Jan 2022 15:36:57 GMT

GET
H2 200 manifest.b5d62e0430e61a38a3c9.js Show response
www.spfi.com/_nuxt/ Frame 9C8B 1 KB
785 B 245ms
245ms Script
application/javascript 2a03:b0c0:3:d0::d23:e001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.spfi.com/_nuxt/manifest.b5d62e0430e61a38a3c9.js

Requested by

Host: www.spfi.com
URL: https://www.spfi.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:d0::d23:e001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

cd0c07da1fe840ecf9bfea269f276131187910a0b4f0e2588303714564a29f81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.spfi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id: 01FS7EYQJN5V1C5CFFCH0HK332
date: Wed, 12 Jan 2022 15:36:57 GMT
content-encoding: br
server: Netlify
age: 0
etag: "a8e05f53de7a04a286cd1eedf738f01a-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 692

GET
H2 200 vendor.853df3d1025e777f2d7f.js Show response
www.spfi.com/_nuxt/ Frame 9C8B 481 KB
153 KB 155ms
155ms Script
application/javascript 2a03:b0c0:3:d0::d23:e001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.spfi.com/_nuxt/vendor.853df3d1025e777f2d7f.js

Requested by

Host: www.spfi.com
URL: https://www.spfi.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:d0::d23:e001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

8eca49c5ee141944fca5d72f217284e840301609407f8be06f5fc98e2fa0037e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.spfi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id: 01FS7EYQJN39HSYA7HF0BR9G15
date: Wed, 12 Jan 2022 15:36:57 GMT
content-encoding: br
server: Netlify
age: 0
etag: "89515171151f6a617ce54edb935460e4-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes

GET
H2 200 app.3a8327b95d6c64e245c3.js Show response
www.spfi.com/_nuxt/ Frame 9C8B 429 KB
73 KB 156ms
155ms Script
application/javascript 2a03:b0c0:3:d0::d23:e001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.spfi.com/_nuxt/app.3a8327b95d6c64e245c3.js

Requested by

Host: www.spfi.com
URL: https://www.spfi.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:d0::d23:e001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

7841c13c4461e8668f5296f671ace00515354947405540daa74954484def9055

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.spfi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id: 01FS7EYQJNC22PJHV3CJ0A8AA4
date: Wed, 12 Jan 2022 15:36:57 GMT
content-encoding: br
server: Netlify
age: 0
etag: "1d615ee3e46b2a6d7a8719910b627fb9-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes

GET
H2 200 default.8cbf342ba0b8f3f94a1e.js Show response
www.spfi.com/_nuxt/layouts/ Frame 9C8B 1 KB
732 B 146ms
146ms Script
application/javascript 2a03:b0c0:3:d0::d23:e001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.spfi.com/_nuxt/layouts/default.8cbf342ba0b8f3f94a1e.js

Requested by

Host: www.spfi.com
URL: https://www.spfi.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:d0::d23:e001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

24a88c345a2ae827062fd9467741e4ecdcca04ea7042b801ea697fbf0d2cc969

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.spfi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id: 01FS7EYQJNR6Q75F600B69PQPP
date: Wed, 12 Jan 2022 15:36:57 GMT
content-encoding: br
server: Netlify
age: 0
etag: "6b6ef63508d689d99f9e2e23af686839-ssl-df"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 581

GET
H2 200 mju8dci.css
use.typekit.net/ Frame 9C8B 3 KB
965 B 198ms
149ms Stylesheet
text/css 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/mju8dci.css

Requested by

Host: www.spfi.com
URL: https://www.spfi.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

94cf4b4a7d988f8784f7314c826d4c3862bdb22f1c17d955c0fff098a05af256

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.spfi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Wed, 12 Jan 2022 15:36:57 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 733

GET
H2 200 icon
fonts.googleapis.com/ Frame 9C8B 569 B
868 B 41ms
16ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: www.spfi.com
URL: https://www.spfi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d44a3249e2be052d683c7b58d03890937199b056a6313bd7ae0834281a70a2d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.spfi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 15:36:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 12 Jan 2022 15:36:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Jan 2022 15:36:57 GMT

GET
H2 200 dg1258gnEQP1zD8h8XhAgo.js Show response
play.vidyard.com/ Frame 9C8B 54 KB
13 KB 402ms
340ms Script
text/javascript 151.101.65.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo.js?v=3.1.1&type=inline

Requested by

Host: www.spfi.com
URL: https://www.spfi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8cae2500518b647558d059faaad884a16a3e29db606db34a5d0151a98f1d6e75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Frame-Options	ALLOWALL

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.spfi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 15:36:57 GMT
content-encoding: gzip
age: 0
x-cache: MISS
strict-transport-security: max-age=31557600
content-length: 12697
x-served-by: cache-mxp6929-MXP
x-china: 0
access-control-allow-origin: *
referrer-policy: no-referrer-when-downgrade
x-timer: S1642001817.266762,VS0,VE317
x-frame-options: ALLOWALL
etag: W/"d833-eNMg9n0AlB7T4Ls++oON0X2n8a4"
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 api.js Show response
play.vidyard.com/v0/ Frame 9C8B 19 KB
7 KB 86ms
24ms Script
application/javascript 151.101.65.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/v0/api.js

Requested by

Host: www.spfi.com
URL: https://www.spfi.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6980eadbd6f6d6233ea9b987e9ae462b25726871e9797c51e0d550aef3cc861d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.spfi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 15:36:57 GMT
via: 1.1 varnish
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
age: 983
x-cache: HIT
content-encoding: gzip
content-length: 7168
x-served-by: cache-mxp6929-MXP
x-china: 0
last-modified: Fri, 30 Apr 2021 19:42:10 GMT
x-timer: S1642001817.266888,VS0,VE1
etag: "7b874dd3eb596697c6d49ba7ed6880f8"
strict-transport-security: max-age=31557600
content-type: application/javascript
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 p.css
p.typekit.net/ Frame 9C8B 5 B
162 B 29ms
8ms Stylesheet
text/css 2a02:26f0:6c00:2ae::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=mju8dci&ht=tk&f=139.175.5474.4948&a=8328427&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/mju8dci.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2ae::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 15:36:57 GMT
last-modified: Thu, 05 Nov 2020 13:49:42 GMT
server: nginx
etag: "5fa402f6-5"
content-type: text/css
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 icomoon.8cdde70.ttf
www.spfi.com/_nuxt/fonts/ Frame 9C8B 52 KB
52 KB 153ms
153ms Font
font/ttf 2a03:b0c0:3:d0::d23:e001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.spfi.com/_nuxt/fonts/icomoon.8cdde70.ttf

Requested by

Host: www.spfi.com
URL: https://www.spfi.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a03:b0c0:3:d0::d23:e001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Netlify /

Resource Hash

b02a9c2805929fa163391296f9889dbef7e4256dce3f42fc215f9a18fc602026

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.spfi.com/
Origin: https://www.spfi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nf-request-id: 01FS7EYQT4HCJVV7TXVH5KPZS3
date: Wed, 12 Jan 2022 15:36:57 GMT
server: Netlify
age: 0
etag: "3e74b964af8e90aa4f3333dc33d4c358-ssl"
strict-transport-security: max-age=31536000
content-type: font/ttf
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes
content-length: 52904

GET
H2 200 l
use.typekit.net/af/71f83c/00000000000000003b9b093b/27/ Frame 9C8B 33 KB
33 KB 53ms
14ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/71f83c/00000000000000003b9b093b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/mju8dci.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 259ca84f380e0a4a327867ce595dbb02ea8f3fe8ae0e96f902e0051fc44c194c

Request headers

Referer: https://use.typekit.net/mju8dci.css
Origin: https://www.spfi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 15:36:57 GMT
server: nginx
etag: "a0f35f91fdc2ca0a90c8288c08c20681c1aecfcf"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 33656

GET
H2 200 l
use.typekit.net/af/78a4c2/00000000000000003b9b0783/27/ Frame 9C8B 42 KB
43 KB 149ms
111ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/78a4c2/00000000000000003b9b0783/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/mju8dci.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1710be9a21ba309a4989ad9d8cfadb9df527ce4bd54f34edf1a56326644584bd

Request headers

Referer: https://use.typekit.net/mju8dci.css
Origin: https://www.spfi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 15:36:57 GMT
server: nginx
etag: "702f5103c08c6c2fdebd58b73941fe0423dda511"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 43284

GET
H2 200 dg1258gnEQP1zD8h8XhAgo Show response
play.vidyard.com/ Frame 0EFA 3 KB
2 KB 121ms
121ms Document
text/html 151.101.65.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Flibertador.mx%252F&

Requested by

Host: play.vidyard.com
URL: https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo.js?v=3.1.1&type=inline

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

320a1a83a052ba29ef81452884db8c914fd7a17e7d5e9ac8ef2f7aac1cc6d14d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Frame-Options	ALLOWALL

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.spfi.com/

Response headers

content-type: text/html; charset=utf-8
access-control-allow-origin: *
referrer-policy: no-referrer-when-downgrade
x-frame-options: ALLOWALL
cache-control: no-store, no-cache, must-revalidate
etag: W/"dd6-5kKQRVzqufZISVB6olYkL53qMVE"
x-china: 0
content-encoding: gzip
accept-ranges: bytes
date: Wed, 12 Jan 2022 15:36:57 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-mxp6929-MXP
x-cache: MISS
x-cache-hits: 0
x-timer: S1642001818.615596,VS0,VE101
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 1463

GET
H2 200 l
use.typekit.net/af/4838bd/00000000000000003b9b0934/27/ Frame 9C8B 32 KB
32 KB 14ms
14ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/4838bd/00000000000000003b9b0934/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/mju8dci.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: ceb4ce0bba67a12e21af094eb24293d7ea8bffaffc237a1cd90394c7588eaec9

Request headers

Referer: https://use.typekit.net/mju8dci.css
Origin: https://www.spfi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 15:36:57 GMT
server: nginx
etag: "852dacc5cd2685c187708b882b28635465e17bd0"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 32688

GET
H2 200 l
use.typekit.net/af/437c3d/00000000000000003b9b0932/27/ Frame 9C8B 32 KB
32 KB 16ms
16ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/437c3d/00000000000000003b9b0932/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/mju8dci.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b87ef2efd898acfddc8308449b24a558eca1e77f8e66802f03fab8c5d063d92a

Request headers

Referer: https://use.typekit.net/mju8dci.css
Origin: https://www.spfi.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 15:36:57 GMT
server: nginx
etag: "474f8294a654ddd4e855cc66b1bb647cd40bfa9b"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 32380

GET runtime~main-5f9d9a9ef3fd4604b703b1856a93b579.js
assets.vidyard.com/play/js/ Frame 0EFA 0
0

GET main-a6875cc9a4bc0c905ad9e719ee986a48.js
assets.vidyard.com/play/js/ Frame 0EFA 0
0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 9C8B 98 KB
26 KB 24ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: msonline-auth01.web.app
URL: https://msonline-auth01.web.app/dsiiq0Hspfia7XB8xr7Pm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.spfi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: DVT36Hz2sfJePOn+4iItLl+prG94H528nOt+Za+JKkSJfdx7kGzqAKmM+l/0Uigj3iqwsUGcgNHFvjfYZVfq9g==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Wed, 12 Jan 2022 15:36:57 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 dg1258gnEQP1zD8h8XhAgo.js Show response
play.vidyard.com/ Frame 9C8B 54 KB
12 KB 18ms
18ms Script
text/javascript 151.101.65.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo.js?v=3.1.1&type=inline

Requested by

Host: www.spfi.com
URL: https://www.spfi.com/_nuxt/vendor.853df3d1025e777f2d7f.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8cae2500518b647558d059faaad884a16a3e29db606db34a5d0151a98f1d6e75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Frame-Options	ALLOWALL

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.spfi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 15:36:57 GMT
content-encoding: gzip
age: 0
x-cache: HIT
strict-transport-security: max-age=31557600
content-length: 12697
x-served-by: cache-mxp6929-MXP
x-china: 0
access-control-allow-origin: *
referrer-policy: no-referrer-when-downgrade
x-timer: S1642001818.864354,VS0,VE0
x-frame-options: ALLOWALL
etag: W/"d833-eNMg9n0AlB7T4Ls++oON0X2n8a4"
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 9C8B 49 KB
20 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N82WNQZ&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.spfi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 123
date: Wed, 12 Jan 2022 15:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 12 Jan 2022 17:34:54 GMT

GET
H2 200 premier-presence-image-SPF.jpg
bdcms.advisorgroup.com/uploads/14/09/ Frame 9C8B 32 KB
0 1025ms
125ms Image
image/jpeg 162.247.141.190

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bdcms.advisorgroup.com/uploads/14/09/premier-presence-image-SPF.jpg
Requested by: Host: www.spfi.com
URL: https://www.spfi.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 162.247.141.190 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.spfi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 15:36:58 GMT
last-modified: Thu, 06 Sep 2018 00:17:23 GMT
server: nginx
etag: "4b2cd-57528d0a91e1e"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 307917
expires: Fri, 11 Feb 2022 15:36:58 GMT

GET 6-home-page-banner-image-SPF-1920x_.jpg
bdcms.advisorgroup.com/uploads/12/03/ Frame 9C8B 0
0

GET SPF-Home-Video-Splashscreen-V3.jpg
bdcms.advisorgroup.com/uploads/05/00/ Frame 9C8B 0
0

GET 8-home-hero-image-all-about-relationships-SPF-250x_.png
bdcms.advisorgroup.com/uploads/00/09/ Frame 9C8B 0
0

GET 8-home-hero-image-comprehensive-tools-and-support-SPF-250x_.png
bdcms.advisorgroup.com/uploads/01/01/ Frame 9C8B 0
0

GET 8-home-hero-image-proof-is-in-the-retention-SPF-250x_.png
bdcms.advisorgroup.com/uploads/02/01/ Frame 9C8B 0
0

GET 8-home-hero-image-customized-transition-SPF-250x_.png
bdcms.advisorgroup.com/uploads/07/06/ Frame 9C8B 0
0

GET mycmo-icon-250x_.png
bdcms.advisorgroup.com/uploads/02/12/ Frame 9C8B 0
0

GET mysuccessionplan-icon-250x_.png
bdcms.advisorgroup.com/uploads/12/15/ Frame 9C8B 0
0

GET opsportal-icon-250x_.png
bdcms.advisorgroup.com/uploads/04/15/ Frame 9C8B 0
0

GET eQuipt-R_Black-250x_.png
bdcms.advisorgroup.com/uploads/11/11/ Frame 9C8B 0
0

GET Contact_Us_Image_SPF_Purple_00-1-600x_.jpg
bdcms.advisorgroup.com/uploads/02/14/ Frame 9C8B 0
0

GET AG-logo-shadow-600x_.png
bdcms.advisorgroup.com/uploads/14/00/ Frame 9C8B 0
0

GET
H/1.1 200
OK elqCfg.min.js Show response
img.en25.com/i/ Frame 9C8B 6 KB
3 KB 86ms
28ms Script
application/x-javascript 104.111.229.66
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img.en25.com/i/elqCfg.min.js

Requested by

Host: play.vidyard.com
URL: https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo.js?v=3.1.1&type=inline

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.229.66 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-229-66.deploy.static.akamaitechnologies.com

Software

Resource Hash

3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.spfi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection: keep-alive
Content-Length: 2183
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Thu, 14 Oct 2021 00:58:49 GMT
Date: Wed, 12 Jan 2022 15:36:58 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-store
ETag: "28352a696c0d71:0"
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Expires: Wed, 12 Jan 2022 15:36:58 GMT

GET
H/1.1 200
OK elqCfg.min.js Show response
img04.en25.com/i/ Frame 9C8B 6 KB
6 KB 60ms
17ms Script
application/x-javascript 104.89.22.29
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img04.en25.com/i/elqCfg.min.js

Requested by

Host: www.spfi.com
URL: https://www.spfi.com/_nuxt/app.3a8327b95d6c64e245c3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.89.22.29 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-89-22-29.deploy.static.akamaitechnologies.com

Software

Resource Hash

3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.spfi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Type: application/x-javascript
Last-Modified: Thu, 14 Oct 2021 00:58:49 GMT
ETag: "28352a696c0d71:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
Date: Wed, 12 Jan 2022 15:36:58 GMT
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 6080
X-XSS-Protection: 1; mode=block
Expires: Wed, 12 Jan 2022 15:36:58 GMT

GET
H3 200 319751181967822 Show response
connect.facebook.net/signals/config/ Frame 9C8B 305 KB
87 KB 141ms
129ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/319751181967822?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

917922f314775180d49112af968063dd2726f064cf18ba39080b28a615ac4578

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.spfi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: G379cq5oG9Uop3gvhghuu98DAk3SKeoIfue6nCyhG2d4qHXZxqqVigGm0dpeElmArEcgfnJBvtXYYS4OasVThQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 12 Jan 2022 15:36:58 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET dg1258gnEQP1zD8h8XhAgo
play.vidyard.com/ Frame 1CF5 0
0

GET
H2 200 dg1258gnEQP1zD8h8XhAgo Show response
play.vidyard.com/ Frame 26EF 3 KB
2 KB 21ms
18ms Document
text/html 151.101.65.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Flibertador.mx%252F&

Requested by

Host: play.vidyard.com
URL: https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo.js?v=3.1.1&type=inline

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

320a1a83a052ba29ef81452884db8c914fd7a17e7d5e9ac8ef2f7aac1cc6d14d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Frame-Options	ALLOWALL

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.spfi.com/

Response headers

content-type: text/html; charset=utf-8
access-control-allow-origin: *
referrer-policy: no-referrer-when-downgrade
x-frame-options: ALLOWALL
cache-control: no-store, no-cache, must-revalidate
etag: W/"dd6-5kKQRVzqufZISVB6olYkL53qMVE"
x-china: 0
content-encoding: gzip
accept-ranges: bytes
date: Wed, 12 Jan 2022 15:36:58 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-mxp6929-MXP
x-cache: HIT
x-cache-hits: 2
x-timer: S1642001818.067651,VS0,VE0
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
strict-transport-security: max-age=31557600
content-length: 1463

GET
H2 200 runtime~main-5f9d9a9ef3fd4604b703b1856a93b579.js Show response
assets.vidyard.com/play/js/ Frame 26EF 7 KB
2 KB 16ms
16ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/runtime~main-5f9d9a9ef3fd4604b703b1856a93b579.js
Requested by: Host: play.vidyard.com
URL: https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Flibertador.mx%252F&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: de79fb72983eadb6f3a820260eb0fa2556af7de602df8e37df8ed11a9a99c4c0

Request headers

Referer: https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Flibertador.mx%252F&
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 15:36:58 GMT
content-encoding: br
vary: Accept-Encoding
age: 80097
x-cache: HIT
content-length: 2260
via: 1.1 varnish
x-served-by: cache-mxp6963-MXP
last-modified: Tue, 11 Jan 2022 17:20:11 GMT
x-timer: S1642001818.094077,VS0,VE0
etag: "1ef6f2bc4b5dd08575ae0523b7074c8b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 254

GET
H2 200 main-a6875cc9a4bc0c905ad9e719ee986a48.js Show response
assets.vidyard.com/play/js/ Frame 26EF 101 KB
13 KB 17ms
16ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/main-a6875cc9a4bc0c905ad9e719ee986a48.js
Requested by: Host: play.vidyard.com
URL: https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Flibertador.mx%252F&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a170a845a7a20edcedacef2638fd6e8550c6fc052aad221568c2182a9f3b1d28

Request headers

Referer: https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Flibertador.mx%252F&
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 15:36:58 GMT
content-encoding: br
vary: Accept-Encoding
age: 3162085
x-cache: HIT
content-length: 13448
via: 1.1 varnish
x-served-by: cache-mxp6963-MXP
last-modified: Thu, 02 Dec 2021 18:35:08 GMT
x-timer: S1642001818.094212,VS0,VE0
etag: "5330e201fbbf207c28cf6c9304098519"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 2078

GET
H/1.1

200
OK

svrGP.aspx Show response
s204200226.t.eloqua.com/visitor/v200/ Frame 9C8B
Redirect Chain

https://s204200226.t.eloqua.com/visitor/v200/svrGP?pps=70&siteid=204200226&ms=86
https://s204200226.t.eloqua.com/visitor/v200/svrGP.aspx?pps=70&siteid=204200226&ms=86&elqCookie=1

79 B
580 B

120ms
120ms

Script
application/javascript

142.0.160.53

General

Check archive.org

Show headers Download Go to

Full URL

https://s204200226.t.eloqua.com/visitor/v200/svrGP.aspx?pps=70&siteid=204200226&ms=86&elqCookie=1

Requested by

Host: www.spfi.com
URL: https://www.spfi.com/

Protocol

HTTP/1.1

Server

142.0.160.53 -, , ASN (),

Reverse DNS

Software

Resource Hash

b2da0d34bc20a7474bbafbd285e2557a913697d9c431a5367ac317de31d8b619

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.spfi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 12 Jan 2022 15:36:58 GMT
X-Robots-Tag: noindex, nofollow
Vary: Accept-Encoding
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
Content-Type: application/javascript; charset=utf-8
Content-Length: 105
X-Xss-Protection: 1; mode=block
Expires: -1

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Date: Wed, 12 Jan 2022 15:36:58 GMT
X-Robots-Tag: noindex, nofollow
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Location: https://s204200226.t.eloqua.com/visitor/v200/svrGP.aspx?pps=70&siteid=204200226&ms=86&elqCookie=1
Cache-Control: no-store
Content-Type: text/html; charset=utf-8
Content-Length: 226
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H/1.1 200
OK svrGP
s204200226.t.eloqua.com/visitor/v200/ Frame 9C8B 49 B
448 B 440ms
126ms Image
image/gif 142.0.160.53

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s204200226.t.eloqua.com/visitor/v200/svrGP?pps=3&siteid=204200226&ref2=https%3A%2F%2Flibertador.mx%2F&tzo=0&ms=86&optin=disabled

Requested by

Host: www.spfi.com
URL: https://www.spfi.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

142.0.160.53 -, , ASN (),

Reverse DNS

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.spfi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Type: image/gif
Date: Wed, 12 Jan 2022 15:36:57 GMT
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 49
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H2 200 dg1258gnEQP1zD8h8XhAgo.json Show response
play.vidyard.com/player/ Frame 26EF 7 KB
3 KB 273ms
271ms Fetch
application/json 151.101.65.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://play.vidyard.com/player/dg1258gnEQP1zD8h8XhAgo.json?v=3.1.1&type=inline&referring_url=https%253A%252F%252Flibertador.mx%252F&

Requested by

Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/main-a6875cc9a4bc0c905ad9e719ee986a48.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.65.181 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

86286f4616a94f600ee4763af92f853f4c15e9f41668e66b6072067929153f35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Frame-Options	ALLOWALL

Request headers

Referer: https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Flibertador.mx%252F&
referrer: https://www.spfi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 15:36:58 GMT
content-encoding: gzip
age: 0
x-cache: MISS
strict-transport-security: max-age=31557600
content-length: 2999
x-served-by: cache-mxp6929-MXP
x-china: 0
access-control-allow-origin: *
referrer-policy: no-referrer-when-downgrade
x-timer: S1642001818.126332,VS0,VE254
x-frame-options: ALLOWALL
etag: W/"1a11-A/SVsCdIpVCxKMYa1TQFtBRytRU"
vary: X-ThumbnailAB, X-China, accept-language, Accept-Encoding
content-type: application/json; charset=utf-8
via: 1.1 varnish
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 /
www.facebook.com/tr/ Frame 9C8B 44 B
407 B 25ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=319751181967822&ev=PageView&dl=https%3A%2F%2Fwww.spfi.com%2F&rl=https%3A%2F%2Flibertador.mx%2F&if=true&ts=1642001818291&sw=1600&sh=1200&v=2.9.48&r=stable&a=tmgoogletagmanager&ec=0&o=30&it=1642001818045&coo=false&exp=p0&rqm=GET

Requested by

Host: www.spfi.com
URL: https://www.spfi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.spfi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 15:36:58 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Wed, 12 Jan 2022 15:36:58 GMT

GET
H2 200 vendors~player~player-pomo~unreleased-23ba81238d561794271079b57f689372.js Show response
assets.vidyard.com/play/js/ Frame 26EF 158 KB
41 KB 17ms
16ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/vendors~player~player-pomo~unreleased-23ba81238d561794271079b57f689372.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-5f9d9a9ef3fd4604b703b1856a93b579.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: bf01ab9f046dc819fbea8bd6d1ed6d5a58ccfd0b984e471e4b777f2e47dd0494

Request headers

Referer: https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Flibertador.mx%252F&
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 15:36:58 GMT
content-encoding: br
vary: Accept-Encoding
age: 497062
x-cache: HIT
content-length: 41563
via: 1.1 varnish
x-served-by: cache-mxp6963-MXP
last-modified: Thu, 06 Jan 2022 21:31:09 GMT
x-timer: S1642001818.401584,VS0,VE0
etag: "76b42b247be1315b5112ad6a28f8fcf8"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1341

GET
H2 200 vendors~access-code~player-pomo~whitelisted-embed-5fc0b87018c1b3d27c50c2f31531cae9.js Show response
assets.vidyard.com/play/js/ Frame 26EF 102 KB
29 KB 34ms
34ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/vendors~access-code~player-pomo~whitelisted-embed-5fc0b87018c1b3d27c50c2f31531cae9.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-5f9d9a9ef3fd4604b703b1856a93b579.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7baf1065b332eb246bcaaff2cdc578f49a40dd330199a8f30aa42ec0779f7c90

Request headers

Referer: https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Flibertador.mx%252F&
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 15:36:58 GMT
content-encoding: br
vary: Accept-Encoding
age: 497062
x-cache: HIT
content-length: 29248
via: 1.1 varnish
x-served-by: cache-mxp6963-MXP
last-modified: Thu, 06 Jan 2022 21:31:09 GMT
x-timer: S1642001818.401689,VS0,VE0
etag: "6598894d762ff8bcfd2421fb68de9de3"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1218

GET
H2 200 vendors~player-pomo-55be6fadc5cf949b6bf154d73ffc8179.js Show response
assets.vidyard.com/play/js/ Frame 26EF 675 KB
120 KB 34ms
33ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/vendors~player-pomo-55be6fadc5cf949b6bf154d73ffc8179.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-5f9d9a9ef3fd4604b703b1856a93b579.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0b0ce0816e242c7d7bb23ac10230cde3760a43b20ab97a1b46227aad4fa484ed

Request headers

Referer: https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Flibertador.mx%252F&
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 15:36:58 GMT
content-encoding: br
vary: Accept-Encoding
age: 159434
x-cache: HIT
content-length: 123088
via: 1.1 varnish
x-served-by: cache-mxp6963-MXP
last-modified: Mon, 10 Jan 2022 19:18:49 GMT
x-timer: S1642001818.401766,VS0,VE0
etag: "368180f10c187da9c0579715526d3c8d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 967

GET
H2 200 player-pomo-d8eaea07b360c0d102fe6d0951291a91.css
assets.vidyard.com/play/stylesheets/ Frame 26EF 37 KB
7 KB 51ms
51ms Stylesheet
text/css 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/stylesheets/player-pomo-d8eaea07b360c0d102fe6d0951291a91.css
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-5f9d9a9ef3fd4604b703b1856a93b579.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7872693b7b855585997078607549e8c051149f530758a631f6b4cefb8b30af35

Request headers

Referer: https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Flibertador.mx%252F&
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 15:36:58 GMT
content-encoding: br
vary: Accept-Encoding
age: 80097
x-cache: HIT
content-length: 7356
via: 1.1 varnish
x-served-by: cache-mxp6963-MXP
last-modified: Tue, 11 Jan 2022 17:20:11 GMT
x-timer: S1642001818.402637,VS0,VE0
etag: "4b19c9a316ecac0365fc3bb12eb2c5b5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 257

GET
H2 200 player-pomo-d8eaea07b360c0d102fe6d0951291a91.js Show response
assets.vidyard.com/play/js/ Frame 26EF 246 KB
50 KB 51ms
51ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/player-pomo-d8eaea07b360c0d102fe6d0951291a91.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-5f9d9a9ef3fd4604b703b1856a93b579.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b61c4706f67b0001deff82fe1b928e0a3b4ee5da5a877e3e28a9d5b902b95552

Request headers

Referer: https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Flibertador.mx%252F&
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 15:36:58 GMT
content-encoding: br
vary: Accept-Encoding
age: 80096
x-cache: HIT
content-length: 51433
via: 1.1 varnish
x-served-by: cache-mxp6963-MXP
last-modified: Tue, 11 Jan 2022 17:20:11 GMT
x-timer: S1642001818.402720,VS0,VE0
etag: "79b62946a42f8449703b7b489ea0d319"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 259

GET
H2 200 6-3d58e029a8c5109e822bd1284268b89c.js Show response
assets.vidyard.com/play/js/ Frame 26EF 437 KB
98 KB 17ms
16ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/6-3d58e029a8c5109e822bd1284268b89c.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-5f9d9a9ef3fd4604b703b1856a93b579.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1ca7d0d9858435537eb16bdd71f7caf5545750eb19c5a6b0d28eb19dbbae18ec

Request headers

Referer: https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Flibertador.mx%252F&
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 15:36:58 GMT
content-encoding: br
vary: Accept-Encoding
age: 497060
x-cache: HIT
content-length: 99789
via: 1.1 varnish
x-served-by: cache-mxp6963-MXP
last-modified: Thu, 06 Jan 2022 21:31:09 GMT
x-timer: S1642001819.538294,VS0,VE0
etag: "6be662664bd625c34e5b71607ea7ae1e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1198

GET
H2 200 35-a09b9dac0c653b9470c8dd214862dce4.css
assets.vidyard.com/play/stylesheets/ Frame 26EF 181 B
197 B 18ms
18ms Stylesheet
text/css 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/stylesheets/35-a09b9dac0c653b9470c8dd214862dce4.css
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-5f9d9a9ef3fd4604b703b1856a93b579.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b6320e221b61f50fdfee02e86288aca6b426795dd014c5add80fcef7632ac6f8

Request headers

Referer: https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Flibertador.mx%252F&
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 15:36:58 GMT
content-encoding: br
vary: Accept-Encoding
age: 80097
x-cache: HIT
content-length: 103
via: 1.1 varnish
x-served-by: cache-mxp6963-MXP
last-modified: Tue, 11 Jan 2022 17:20:11 GMT
x-timer: S1642001819.538502,VS0,VE0
etag: "5b8ad2d3286aa47c692cbb0bae4d9cc4"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 205

GET
H2 200 35-a09b9dac0c653b9470c8dd214862dce4.js Show response
assets.vidyard.com/play/js/ Frame 26EF 14 KB
4 KB 19ms
19ms Script
application/javascript 151.101.129.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.vidyard.com/play/js/35-a09b9dac0c653b9470c8dd214862dce4.js
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-5f9d9a9ef3fd4604b703b1856a93b579.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c2e5e1bebb02decdf928ae0eb0dda15e6c2f03e789c8da3ff5abbb7b303cc5ad

Request headers

Referer: https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Flibertador.mx%252F&
Origin: https://play.vidyard.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 15:36:58 GMT
content-encoding: br
vary: Accept-Encoding
age: 80096
x-cache: HIT
content-length: 4018
via: 1.1 varnish
x-served-by: cache-mxp6963-MXP
last-modified: Tue, 11 Jan 2022 17:20:11 GMT
x-timer: S1642001819.538546,VS0,VE0
etag: "1cb4ce68bc90894e1b6af8053b9c2c7b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 205

OPTIONS
H2 200 visitors
raw.vidyard.com/v2/ Frame 0
0 313ms
100ms Preflight
text/html 3.89.170.15

General

Check archive.org

Show headers Download Go to

Full URL: https://raw.vidyard.com/v2/visitors
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.89.170.15 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://play.vidyard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 12 Jan 2022 15:36:58 GMT
content-type: text/html;charset=utf-8
content-length: 0
access-control-max-age: 86400
access-control-allow-origin: https://play.vidyard.com
access-control-allow-methods: POST, PUT
access-control-allow-headers: Content-Type, Accept, Origin
access-control-allow-credentials: true

POST
H2 200 visitors Show response
raw.vidyard.com/v2/ Frame 26EF 50 B
195 B 103ms
102ms XHR
application/json 3.89.170.15

General

Check archive.org

Show headers Download Go to

Full URL: https://raw.vidyard.com/v2/visitors
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/main-a6875cc9a4bc0c905ad9e719ee986a48.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.89.170.15 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ce8a30e5cd43adcb7b23cc6ed46ee716a8be7977ac59de919213f857d2e308af

Request headers

Referer: https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Flibertador.mx%252F&
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://play.vidyard.com
date: Wed, 12 Jan 2022 15:36:58 GMT
x-vidyard-hostname: f9d4f68ab888
content-length: 50
content-type: application/json; charset=utf-8

GET
H2

200

47b75e2b565f2c8469cd73.jpg
cdn.vidyard.com/thumbnails/gj6BqczG4SWl5rpRWcQ8Ig/ Frame 26EF
Redirect Chain

https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo.jpg
https://cdn.vidyard.com/thumbnails/gj6BqczG4SWl5rpRWcQ8Ig/47b75e2b565f2c8469cd73.jpg

41 KB
41 KB

120ms
103ms

Image
image/jpeg

18.66.112.98

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.vidyard.com/thumbnails/gj6BqczG4SWl5rpRWcQ8Ig/47b75e2b565f2c8469cd73.jpg
Requested by: Host: www.spfi.com
URL: https://www.spfi.com/
Protocol: H2
Server: 18.66.112.98 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8318c2c967eb9274c78fb22f2742975238f7bc5713dfcd11cda7d00d58540140

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Flibertador.mx%252F&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 12:59:44 GMT
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-cdn: cloudfront
age: 9435
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 41497
last-modified: Fri, 03 Aug 2018 18:08:00 GMT
server: AmazonS3
etag: "d9fcd622152cb393166010edccd65f2b"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST
x-amz-version-id: DdMYxG_KaV.Jcd9etOkYJPx8yjub0yrq
access-control-allow-origin: *
access-control-expose-headers: ETag, X-CDN
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: fkAfDmDRiRF2msagRlrUTyd9pG97p5msCtKZoY3-k1HZQkOxVukftA==

Redirect headers

date: Wed, 12 Jan 2022 15:36:58 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
strict-transport-security: max-age=31557600
content-length: 106
x-served-by: cache-mxp6929-MXP
x-china: 0
referrer-policy: no-referrer-when-downgrade
location: https://cdn.vidyard.com/thumbnails/gj6BqczG4SWl5rpRWcQ8Ig/47b75e2b565f2c8469cd73.jpg
x-timer: S1642001819.550120,VS0,VE120
x-frame-options: ALLOWALL
vary: Accept, X-ThumbnailAB, X-China, accept-language
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 stream_master_p_Zt95UkZ_3X9IeGd5-maQ.m3u8 Show response
cdn.vidyard.com/hls-videos/gj6BqczG4SWl5rpRWcQ8Ig/ Frame 26EF 582 B
1 KB 139ms
103ms XHR
application/vnd.apple.mpegurl 18.66.112.98

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidyard.com/hls-videos/gj6BqczG4SWl5rpRWcQ8Ig/stream_master_p_Zt95UkZ_3X9IeGd5-maQ.m3u8?v-n8vxCZHQWU2eqdVj-Aq0HPhopX3E7KO4pQ5H3WqpAKxraAnTk3WnKc6420G25l7c038-qog0BQGIo0xQX0ZFsZJSuBb2jAdC1SAIQEx0VM2NJ5Txs-_PXfG5WfUVmXWtA3uBwvhqEELE7BYTUTjkWBfNHJArrcgrf2JHaV97rwi6eNyM34bwRCqbgb_tV-k4yF
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/6-3d58e029a8c5109e822bd1284268b89c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.98 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7e358467df1b0ca6badff7ca214043a08def4975d305c9c31c64f9f7e722d2b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Flibertador.mx%252F&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 11:34:16 GMT
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
vary: Origin
x-cdn: cloudfront
age: 14563
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 582
last-modified: Fri, 03 Aug 2018 18:08:26 GMT
server: AmazonS3
etag: "839eb634187da39e52aa80c4ca45fbb5"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST
x-amz-version-id: naufn9oD5xzVTNZe30R1QLUSYiP5o9Hp
access-control-allow-origin: *
access-control-expose-headers: ETag, X-CDN
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: application/vnd.apple.mpegurl
x-amz-cf-id: SX7Q-Xa6j3KfcBkOVwWrnqy3-VeUpC9o-nLu_FboBG5aZJ4rGuk6NA==

POST
H3 200 / Show response
www.facebook.com/tr/ Frame A2E7 0
18 B 17ms
7ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.spfi.com
URL: https://www.spfi.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.spfi.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.spfi.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.spfi.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Wed, 12 Jan 2022 15:36:58 GMT

POST
H2 200 player_loads Show response
raw.vidyard.com/v2/ Frame 26EF 68 B
213 B 105ms
105ms XHR
application/json 3.89.170.15

General

Check archive.org

Show headers Download Go to

Full URL: https://raw.vidyard.com/v2/player_loads
Requested by: Host: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/main-a6875cc9a4bc0c905ad9e719ee986a48.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.89.170.15 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3796131117f5da57b189242c53228395f0d8abb65184338904b0f0359142ca06

Request headers

Referer: https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Flibertador.mx%252F&
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://play.vidyard.com
date: Wed, 12 Jan 2022 15:36:59 GMT
x-vidyard-hostname: 2b55aa430988
content-length: 68
content-type: application/json; charset=utf-8

OPTIONS
H2 200 player_loads
raw.vidyard.com/v2/ Frame 0
0 102ms
102ms Preflight
text/html 3.89.170.15

General

Check archive.org

Show headers Download Go to

Full URL: https://raw.vidyard.com/v2/player_loads
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.89.170.15 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://play.vidyard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 12 Jan 2022 15:36:59 GMT
content-type: text/html;charset=utf-8
content-length: 0
access-control-max-age: 86400
access-control-allow-origin: https://play.vidyard.com
access-control-allow-methods: POST, PUT
access-control-allow-headers: Content-Type, Accept, Origin
access-control-allow-credentials: true

OPTIONS external_leads
raw.vidyard.com/v2/ Frame 0
0

POST external_leads
raw.vidyard.com/v2/ Frame 26EF 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/runtime~main-5f9d9a9ef3fd4604b703b1856a93b579.js

Domain: assets.vidyard.com
URL: https://assets.vidyard.com/play/js/main-a6875cc9a4bc0c905ad9e719ee986a48.js

Domain: bdcms.advisorgroup.com
URL: https://bdcms.advisorgroup.com/uploads/12/03/6-home-page-banner-image-SPF-1920x_.jpg?token=b173bdf3c31cbb706ea3480161300324

Domain: bdcms.advisorgroup.com
URL: https://bdcms.advisorgroup.com/uploads/05/00/SPF-Home-Video-Splashscreen-V3.jpg

Domain: bdcms.advisorgroup.com
URL: https://bdcms.advisorgroup.com/uploads/00/09/8-home-hero-image-all-about-relationships-SPF-250x_.png?token=6a018a8949ae89287040711da35338e1

Domain: bdcms.advisorgroup.com
URL: https://bdcms.advisorgroup.com/uploads/01/01/8-home-hero-image-comprehensive-tools-and-support-SPF-250x_.png?token=b1c771053d087b332023ad7e46c4a55e

Domain: bdcms.advisorgroup.com
URL: https://bdcms.advisorgroup.com/uploads/02/01/8-home-hero-image-proof-is-in-the-retention-SPF-250x_.png?token=f9f839961b83c1b8b1e1fcd37ffebe59

Domain: bdcms.advisorgroup.com
URL: https://bdcms.advisorgroup.com/uploads/07/06/8-home-hero-image-customized-transition-SPF-250x_.png?token=392def61e5b880209ad2a77da724ac7b

Domain: bdcms.advisorgroup.com
URL: https://bdcms.advisorgroup.com/uploads/02/12/mycmo-icon-250x_.png?token=3387e64a956054ec0203248fef193576

Domain: bdcms.advisorgroup.com
URL: https://bdcms.advisorgroup.com/uploads/12/15/mysuccessionplan-icon-250x_.png?token=806f3474ea522e618e10295bcbb34676

Domain: bdcms.advisorgroup.com
URL: https://bdcms.advisorgroup.com/uploads/04/15/opsportal-icon-250x_.png?token=40794349b1663b4d8a41637e10d8f50e

Domain: bdcms.advisorgroup.com
URL: https://bdcms.advisorgroup.com/uploads/11/11/eQuipt-R_Black-250x_.png?token=f662c40ba1ae2be9f21b04d39dfbca7b

Domain: bdcms.advisorgroup.com
URL: https://bdcms.advisorgroup.com/uploads/02/14/Contact_Us_Image_SPF_Purple_00-1-600x_.jpg?token=def3ed5395a1ed4fab33b35174218eb6

Domain: bdcms.advisorgroup.com
URL: https://bdcms.advisorgroup.com/uploads/14/00/AG-logo-shadow-600x_.png?token=de932ad7ad6e980c8eee506f6e04363e

Domain: play.vidyard.com
URL: https://play.vidyard.com/dg1258gnEQP1zD8h8XhAgo?v=3.1.1&type=inline&referring_url=https%253A%252F%252Flibertador.mx%252F&

Domain: raw.vidyard.com
URL: https://raw.vidyard.com/v2/external_leads

Domain: raw.vidyard.com
URL: https://raw.vidyard.com/v2/external_leads

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
libertador.mx/	1969-12-31 23:59:59	Name: PHPSESSID Value: 1747ce1cba892bc9eb8cc739e639bda8
.login.live.com/	1969-12-31 23:59:59	Name: uaid Value: 28c945605b1f472d87e183de14bca469
.login.live.com/	1969-12-31 23:59:59	Name: MSPRequ Value: id=N&lt=1642001816&co=2
.facebook.com/	1970-01-20 02:16:17	Name: fr Value: 0qWUns733onfveq7b..Bh3vWa...1.0.Bh3vWa.
.eloqua.com/	1970-01-20 09:36:56	Name: ELOQUA Value: GUID=5344C26A5A1F4F3A8C4D48B976E97501
.eloqua.com/	1970-01-20 09:36:56	Name: ELQSTATUS Value: OK

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://msonline-auth01.web.app/dsiiq0Hspfia7XB8xr7Pm Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msftauth.net
ad.atdmt.com
assets.vidyard.com
bdcms.advisorgroup.com
cdn.vidyard.com
connect.facebook.net
danslemonde.ru
fonts.googleapis.com
img.en25.com
img04.en25.com
libertador.mx
login.live.com
msonline-auth01.web.app
p.typekit.net
play.vidyard.com
raw.vidyard.com
s204200226.t.eloqua.com
use.typekit.net
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.spfi.com
assets.vidyard.com
bdcms.advisorgroup.com
play.vidyard.com
raw.vidyard.com
104.111.229.66
104.89.22.29
142.0.160.53
151.101.129.181
151.101.65.181
152.199.23.37
162.247.141.190
170.10.164.71
18.66.112.98
2620:0:890::100
2a00:1450:4001:809::200a
2a00:1450:4001:80e::200e
2a00:1450:4001:82a::2008
2a00:f940:2:2:1:1:0:57
2a02:26f0:6c00:2ae::19fd
2a02:26f0:6c00::210:ba2a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f02d:5:face:b00c:0:8c
2a03:2880:f12d:83:face:b00c:0:25de
2a03:b0c0:3:d0::d23:e001
3.89.170.15
40.126.31.143
0140da8c4170309baa728814f96185de2c71bb6a9101d51cb040ece949aa3128
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
0b0ce0816e242c7d7bb23ac10230cde3760a43b20ab97a1b46227aad4fa484ed
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1710be9a21ba309a4989ad9d8cfadb9df527ce4bd54f34edf1a56326644584bd
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1ca7d0d9858435537eb16bdd71f7caf5545750eb19c5a6b0d28eb19dbbae18ec
235b558b77ab36f63c1439a68ac2410aaf8f42f7b9c93c0bfdc9af662abab8b6
24a88c345a2ae827062fd9467741e4ecdcca04ea7042b801ea697fbf0d2cc969
259ca84f380e0a4a327867ce595dbb02ea8f3fe8ae0e96f902e0051fc44c194c
2b3df4d53882fba74216d365e7344c782145f2faf8e08a2d69c548f5fbc7fbf5
320a1a83a052ba29ef81452884db8c914fd7a17e7d5e9ac8ef2f7aac1cc6d14d
3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8
3410242720de50b090d07a23aee2dad879b31d36f2615732962ec4cfa8a9d458
3796131117f5da57b189242c53228395f0d8abb65184338904b0f0359142ca06
57f463de37e6db48663e4d05f75108fcfc4457adf50d023319e004b2268e4e96
6980eadbd6f6d6233ea9b987e9ae462b25726871e9797c51e0d550aef3cc861d
7841c13c4461e8668f5296f671ace00515354947405540daa74954484def9055
7872693b7b855585997078607549e8c051149f530758a631f6b4cefb8b30af35
7baf1065b332eb246bcaaff2cdc578f49a40dd330199a8f30aa42ec0779f7c90
7cb7621f3eb49c78b89d119106cf42981a3075da154dc96af6ca24f8f68c6f53
7e358467df1b0ca6badff7ca214043a08def4975d305c9c31c64f9f7e722d2b7
8318c2c967eb9274c78fb22f2742975238f7bc5713dfcd11cda7d00d58540140
86286f4616a94f600ee4763af92f853f4c15e9f41668e66b6072067929153f35
8b6a3b17737161e5fe8c29e401372a94b8e650226cf0cd17b4c3c4de5b380b11
8b99424afcd1d912bcd45bc165a6f22d1bffa7ea7feb6ca24b09efc1e13c0484
8cae2500518b647558d059faaad884a16a3e29db606db34a5d0151a98f1d6e75
8eca49c5ee141944fca5d72f217284e840301609407f8be06f5fc98e2fa0037e
917922f314775180d49112af968063dd2726f064cf18ba39080b28a615ac4578
94cf4b4a7d988f8784f7314c826d4c3862bdb22f1c17d955c0fff098a05af256
a170a845a7a20edcedacef2638fd6e8550c6fc052aad221568c2182a9f3b1d28
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a423ac7e2310bc44a1defeb1f6df180cab8a59442e7f41d093f21649fcc86e69
a50d5646d625a6aa2eeeab1e4fe9a12ed09cc7908f9cd1b8763f109341cfcf9c
b02a9c2805929fa163391296f9889dbef7e4256dce3f42fc215f9a18fc602026
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b2da0d34bc20a7474bbafbd285e2557a913697d9c431a5367ac317de31d8b619
b61c4706f67b0001deff82fe1b928e0a3b4ee5da5a877e3e28a9d5b902b95552
b6320e221b61f50fdfee02e86288aca6b426795dd014c5add80fcef7632ac6f8
b87ef2efd898acfddc8308449b24a558eca1e77f8e66802f03fab8c5d063d92a
bf01ab9f046dc819fbea8bd6d1ed6d5a58ccfd0b984e471e4b777f2e47dd0494
c2e5e1bebb02decdf928ae0eb0dda15e6c2f03e789c8da3ff5abbb7b303cc5ad
cd0c07da1fe840ecf9bfea269f276131187910a0b4f0e2588303714564a29f81
ce768e83be373f5303ce3117cba6e60874a328c5fb740fb4dbc14989105e0a0d
ce8a30e5cd43adcb7b23cc6ed46ee716a8be7977ac59de919213f857d2e308af
ceb4ce0bba67a12e21af094eb24293d7ea8bffaffc237a1cd90394c7588eaec9
cfc1eb795799c74cc607534b7e0f338d267c62cdb6d9cdec33b7905ae4664f96
d44a3249e2be052d683c7b58d03890937199b056a6313bd7ae0834281a70a2d6
de79fb72983eadb6f3a820260eb0fa2556af7de602df8e37df8ed11a9a99c4c0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9b270d2a6af5d01dd798963a97d66ce020da7501b55c0239c0b5d7c1d5d2375
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

libertador.mx Open in urlscan Pro 170.10.164.71 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

85 Requests

76 %HTTPS

50 %IPv6

17 Domains

22 Subdomains

21 IPs

4 Countries

1453 kBTransfer

4870 kBSize

6 Cookies

3 Outgoing links

Page URL History

Redirected requests

85 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

libertador.mx Open in urlscan Pro
170.10.164.71 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

85
Requests

76 %
HTTPS

50 %
IPv6

17
Domains

22
Subdomains

21
IPs

4
Countries

1453 kB
Transfer

4870 kB
Size

6
Cookies

85 HTTP transactions
0 data transactions